The earlier article looked at the use of social media tools by businesses and the associated risk of computer-based crimes under Thailand’s draconian legislation.

According to the most recent article, the Civil and Commercial Code “makes employers jointly liable for the consequences of a wrongful act committed by employees in the course of employment.” According to the authors – both with law firms, this “would extend to defamation and lese majeste committed in the course of employment.”

If a person posts a comment deemed illegal or defamatory on a website, and

the person posting the comment was employed by a large company and published the defamatory post during office hours using computer systems owned and operated by the company, then the company would become an attractive litigation target.

This would especially be the case “if the employee’s comments were made on a blog or website operated by the employer.”

The Computer Crimes Act

also contains a section that has the potential to expose many employers to criminal liability for breaches of the CCA by employees.

The Act imposes penalties of up to 5 years’ jail and a fine of up to 100,000 baht for posting or forwarding computer data that are deemed illegal, including information considered “false and likely to cause damage to national security or stir up public agitation.”

As is widely known, the “CCA also imposes the same penalties on a service provider who intentionally supports or gives consent to the commission of the above acts on a computer system under the service provider’s control.” The lawyers argue that this provision is based on a very broad definition of the term “service providers.” They say it:

applies to anyone who provides others with internet access or any other services that enable communication via a computer system regardless of whether the service is provided on that person’s behalf or for the benefit of others.

As more companies use their own servers and operate their own intranet systems,

it is conceivable an employer that provides employees with internet access or devices such as BlackBerries or smartphones could come within the definition of a service provider under the CCA. Companies that provide WiFi access to customers or to the public could also be caught, as could an iPhone user allowing others to connect to the internet via a personal hotspot.

They add that, like webmasters, “if an employer becomes aware of content on the company’s computer system that contravenes the CCA, then the firm could be compelled to remove the content or face proceedings under the CCC.”

We know from the case against Chiranuch Premchaiporn that this provision is interpreted quite broadly by the authorities.

The highest risk for employers are said to be with social media. However, they add that:

emails and SMSs and other instant messages are also capable of creating liability for employers if the messages are transmitted using the employer’s computer system.

And, as we also know from Joe Gordon‘s case and that of Anthony Chai, the long arm of the lese majesty enforcers extends beyond Thailand’s shores. So too for the CCA:

The CCA also has extraterritorial applications and is not limited to offences taking place in Thailand. Proceedings can be started against Thai nationals who commit a breach of the CCA while abroad and against foreign nationals who commit a breach of the CCA abroad if the injured party is a Thai national or the Thai government. The CCA has already been enforced against a US national in relation to matters that occurred entirely outside Thailand.

That is pretty scary stuff, to think that the Thai monarchy needs protection in every corner of the globe.